Aissam Belghiat
1,21
Department of Computer Science
University of Mohamed Seddik Benyahia-Jijel, Jijel, Algeria aissam.belghiat@univ-jijel.dz
Allaoua Chaoui
22
MISC Laboratory
University of Constantine 2-Abdelhamid Mehri, Constantine, Algeria allaoua.chaoui@univ-constantine2.dz
Abstract
Activity Diagrams have been used largely in modeling the behavior of control flow and data flow. Unfortunately, they suffer from lack of formal semantics due to its semi-formal na- ture as all UML diagrams, which prohibits any task of automatic verification. The use of for- mal methods has been adopted largely, but their interpretation generates another prob- lem. Thus, this paper presents a user-friendly framework that is enabling intuitive visual modeling of systems using UML activity dia- grams, and their verification using pi-calculus formal language, without the obligation to master this formal language.
Keywords: UML, Activity Diagram, Graph transfor- mation, Verification, Pi-calculus
1 Introduction
UML (Unified Modeling Language) [OMG17] is con- sidered as the standard visual modeling language that is used to specify, visualize, construct, and document artifacts in software systems. Its two main objectives are the modeling of systems using object-oriented tech- niques, from design to maintenance, and the creation
Copyright c by the paper’s authors. Copying permitted for private and academic purposes.
In: Proceedings of the 3rd Edition of the International Conference on Advanced Aspects of Software Engineering (ICAASE18), Constantine, Algeria, 1,2-December-2018, pub- lished at http://ceur-ws.org
of an abstract language understandable by humans and interpretable by machines. Although UML is a rich language, with an open and widely used notation, its models still need to be checked to ensure that the behavior specified in these models is correct, and ex- actly meets the functional requirements of the system.
This fact is due to the graphic and semi-formal nature of the UML language i.e. to its semantics which is not formally specified.
On the other hand, pi-calculus [Mil99] is a theoret- ical formal language that provides powerful tools for analysis and verification. It can be used to verify cor- rectness of properties of a model, or check equivalence between two models.
Therefore, UML and pi-calculus have complemen- tary characteristics; UML can be used for intuitive vi- sual modeling while pi-calculus can be used for verifi- cation.
In this paper, we propose an approach that auto- mates the mapping between UML activity diagrams towards pi-calculus. This work is inscribed in the context of the MDA (Model Driven Architecture) [OMG04] where model transformation is used and ex- ploited. More precisely, the graph transformation, which is based on meta-modeling and graph grammar, is used to realize the model transformation as activity diagrams are graphs.
Building a modeling tool from scratch has never been a trivial task; on the contrary it was always dif- ficult and hard. Meta-modeling approach has shown positive performances in dealing with this problem, because it gives freedom and easiness in modeling the formalisms themselves. A formalism model that con- tains enough information allows the automatic gener-
Pi-calculus for Verification Purpose
ation of a tool for constructing models that conforms to the syntax and semantics of the described formal- ism. The graph grammar is used then to transform the models into pi-calculus and returns an understandable analysis feedback to the user. We have used AToM3 (A Tool for Multi-formalism Meta-Modeling) [ATo02];
which is a tool that provides the mechanisms allowing the realization of these concepts.
The rest of the paper is organized as follows. In Section 2, some related works are exposed. In Section 3, we briefly present UML activity diagram, pi-calculus and graph transformation. In Section 4, the proposed framework is explained. In Section 5, an example is presented. Section 6 concludes the paper and gives some perspectives.
2 Related Works
The literature contains a broad range of works regard- ing giving formal semantics to UML diagrams in gen- eral and Activity Diagrams specifically. Among others we choose some works which are very close to ours. In [BCR00], the authors use ASM (Abstract State Ma- chine) for representing behavior semantics of activity diagrams. In [Rod00], an FSP (Finite State Processes) formalism is adopted to formalize activity diagrams.
In [BD00a, BD00b], the CSP (Communicating Sequen- tial Processes) formalism is used to specify the exe- cution semantics of activity diagrams. In [EW02] an activity hypergraph and a Kripke structure have been used as intermediate representations when transform- ing an activity diagram into the model checker NuSMV input language according to STATEMATE semantics.
The last work has been enhanced in [Esh06] by adopt- ing both STATEMATE and UML statechart seman- tics. Other works use Petri-nets and their extensions (Colored Petri-nets, High-level Petri-nets) to formal- ize activity diagrams such as in [SH05, Sto04a, Sto05, Sto04b, BG03].
There is also some works use pi-calculus as seman- tic domain to give formal semantics to activity dia- grams such as in [Lam08] where the authors aim to check a model against its specifications expressed in modal mu-calculus, and also in [YZ04], where a full formal framework is proposed using pi-calculus. The automation of the translations is not provided.
To build automation translations, some works adopted CASE tools such as AToM3 tool which has been used with success in those projects. In [GD03], an AToM3 integrated framework has been developed for the verification of UML models using Petri Nets.
They build meta-models for an UML design (composed of Class, Statecharts and Sequence diagrams) in addi- tion to a Petri Nets meta-model. Then, they use graph grammars to translate the former to the later which al-
low their verification by model checking. In [Ker+10], the authors have used an UML design composed of statechart and collaboration diagrams to propose an AToM3 integrated approach for modeling and analy- sis of such models. They have used graph transfor- mation in mapping the diagrams into Colored Petri net models. In [CEC12], the authors have used a sub- set of UML diagrams to develop an AToM3 integrated framework for their model checking by transforming them into a rewriting system expressed in the Maude language. Other contributions deserve to be cited such as [Bel+14], [BC16] and [BCB16].
We notice that all previous contributions have not taken into account that the user is not specialized in most cases, and he does not master these formal lan- guages, in addition most of them do not even provide automation, what hinders their usage. Thus, in con- trast, we develop in this work an AToM3-based frame- work that automates the mapping of activity diagrams into pi-calculus. In addition we try to drive away the verification task from users by interpreting feedback analysis results. The AToM3 tool is chosen because it offers the capabilities we need to realize our ideas.
3 Background
3.1 UML Activity Diagram
The UML activity diagram [OMG17] is used for mod- eling control flow and data flow. It gives an explana- tion of the sequence of activities and actions specific to an operation or a use case. It provides a set of elements that allow a very rich expression of any se- quence in a system, its notation is relatively close to the state-transition diagram in its presentation, but its interpretation is significantly different. The activity diagram is essentially composed of activities and tran- sitions. An activity specifies a behavior described by an organized sequencing of units whose basic elements are actions. The most common types of actions are:
call operation, call behavior, send, accept event, accept call, reply, create, destroy, and raise exception. Each of them is used to represent the adequate behavior. A transition materializes the transition from one activ- ity to another, it is triggered when the source activity is completed and immediately causes the start of the target activity. Therefore, transitions allow specifying sequence of treatments and define the control flow. Ac- tivity diagrams provide the mechanism for partitions, called swimlanes which allow organizing the nodes of activities by making regroupings.
3.2 Pi-calculus
The pi-calculus [Mil99] is a formal language that has solid mathematical bases. It is a computing model
that is used to represent concurrent and mobile sys- tems by the expression of interactions between evolv- ing processes, its two basic concepts are Names and Processes. A Name represents channels(ports), vari- ables, data while a Process represents a communicat- ing entity in a system. The syntax of the pi-calculus process expression is given in Table 1:
Table 1: pi-calculus Process Expression
3.3 Graph Transformation and AToM3 Graph transformation is one of the approaches used to implement model transformation. It consists on mapping a source graph into another target graph, by using a combined technique of meta-modeling and graph grammar. AToM3 [ATo02] is a powerful model transformation tool that implements the ideas of graph transformation.
The meta-modeling allows specifying the abstract syntax (the relationships between the elements) of any formalism, and its concrete syntax (the graphical no- tation that must be respected by models).
Graph grammars [Roz97] are generalization of Chomsky grammars for graphs. In AToM3, a graph grammar is composed of an initial action, multiple rules and a final action. Initial and final actions are used to provide necessary information before and after the execution of the rules. Each rule has two graphs;
one on its left called the LHS (Left Hand Side) and another one on its right called the RHS (Right Hand Side). A rule is evaluated by comparing its LHS with a zone in an input graph (called host graph). If a matching is found, the rule will be executed and the corresponding matching sub-graph in the host graph will be replaced by the rule RHS. Furthermore, a rule may also have a condition that must be satisfied to ap- ply the rule, as well as actions to be performed when the rule is carried out. The tool has a rewriting sys- tem that iterates applying the matching rules in the graph grammar to the host graph, until no rule is ap- plicable. The rules are also ordered in this tool by a user-assigned priority (higher to lower).
4 The framework
4.1 Overview
In our framework, a combined meta-modelling and graph grammar approach is adopted to build an in- tegrated tool using the AToM3 (see Figure 1). The approach consists of two essential tasks; firstly, we needed to propose a meta-model for activity diagrams to generate an AToM3 integrated environment which supports the visual modeling of these diagrams. Sec- ondly, we have proposed and developed a graph gram- mar which gives us for each activity diagram mod- eled in the tool its corresponding pi-calculus process expression. This last is uploaded immediately in the mobility workbench (MWB) [VM94] to start the ver- ification task. Thirdly, the results of the verification will be exported to the graph grammar (a feedback) that try to identify the problem found by interpreting these results and makes a sign on the diagram itself (the deadlock as example).
Figure 1: The framework architecture
4.2 Formalization of activity diagrams using pi-calculus
Activity diagrams must be provided with formal se- mantics in order to be able to verify any aspect of the behavior [Rod00]. To overcome this problem the pi-calculus can be used for the verification by a trans- formation approach of the activity diagrams into pi- calculus (Table 2)
4.3 Activity diagram Meta-model
Our meta-model is composed of 8 classes and 7 associations developed by the meta-formalism (CD- classDiagramsV3) in order to have an AToM3-based tool which offers the necessary tools to model the ac- tivity diagrams (see Figure 2).
After we have come to model our meta-model, only its generation remains. The generated meta-model contains the set of classes modeled as buttons that are ready to be used for a possible modeling of an ac-
Table 2: Formalization of Activity Diagram
Figure 2: Activity diagrams meta-model under AToM3 tivity diagram. The generated environment is shown in Figure 3:
4.4 The Graph grammar
The construction of graph grammar rules is an impor- tant step in the process of implementing a graph trans- formation. Indeed, it requires a good understanding of both languages. Thus, we have inspired the semantic rules from [Lam08].
Thus we propose the graph grammar (AD2Picalculus) composed of an initial action, 30 rules, and a final action. It should be noted that due to space constraints we cannot present all the rules, so we choose some rules among others and we join them with the Python code used for generating automatically pi-calculus code.
• Initial action:
Role: In the initial action of the graph grammar we have created a file with sequential access named ”pi- calculus.txt” to store the generated pi-calculus code.
• Final action:
Figure 3: Activity diagrams environment under AToM3
Role: In the final action of the graph grammar, we close the file ”picalculus.txt”.
• Rules:
Rule 1 : Initial Node mapping Name : Initial2Initial
Priority : 1
Role: This rule makes it possible to transform an initial node that links by an action to the pi-calculus, in this rule we return the name of the initial node and the name of the outgoing arc, In the condition of the rule we test if the node is already transformed, otherwise the action of the rule opens the file ”pical- culus.txt” and adds the class in the pi-calculus code (see Figure 4).
Figure 4: Initial node mapping in the graph grammar Similar rules are initial2decision, initial2fork, ini- tial2merge, they are described in Figure 5. The dif- ference is in the code python used to generate the pi- calculus code as already seen in table2.
Rule 2 : Action mapping
Figure 5: The rules initial2decision, initial2fork, ini- tial2merge
Name : Action2picalcul Priority : 2
Role:This rule allows transforming an Action with the incoming arc from an action and the outgoing arc that ends to an action, in this rule we return the name of the action and the name of the incoming and out- going arc (see Figure 6).
Figure 6: Action mapping in the graph grammar Examples of similar rules are Action2decision, Ac- tion2Fork, Action2join, Action2merge, Action2final, ...etc.
Rule 3 : Fork mapping Name : fork2picalcul Priority : 5
Role:This rule enables transforming a fork node that is linked by a single incoming arc from an action and outgoing arcs that end to actions (see Figure 7).
An example of a similar rule is join2picalcul. It is applied to locate a join node, and transforms it to pi- calculus code according to the semantic rules already described in Table 2.
Rule 5 : Merge mapping Name : merge2picalcul Priority : 3
Figure 7: Fork mapping in the graph grammar Role:This rule transforms a merge node with two or more incoming arcs from an action and an outgoing arc that ends to an action (see Figure 8).
An example of a similar rule isdecision2picalcul. It is applied to locate a decision node, and transforms it to pi-calculus code according to the semantic rules already described in Table 2.
5 Example
In order to concretize the usefulness of the defined graph transformation, we tried to apply it to the sim- ple example of the activity diagram presented in Fig- ure 9. It should be noted that this example does not claim to be exhaustive, but it includes some important elements of an activity diagram such as: action, fork, join..etc.
The generated pi-calculus code is described in Fig- ure 10:
If we remove the transition between the action ”del- liverorder” and the final node, we create a deadlock in the diagram. Thus, the reloaded pi-calculus code will be similar except for the process (agent):
agent delliverorder(x6,x7) = x6.t.delliverorder(x6,x7)
Our tool will analyze the code using MWB, it im- mediatly detects the deadlock (a state that has no out- going transitions) and the process concerned. The final action of the graph grammar points out the problem by coloring the the corresponding element of the dead- locked process in the graph of the diagram (see Figure 11).
Figure 8: Merge mapping in the graph grammar
Figure 9: Example of an activity diagram
6 Conclusion
The result of our work is an automatic approach that enables visual modeling of systems behavior using UML activity diagrams and their verification using pi- calculus. The proposed approach is based on the graph transformation, and it is carried out using the AToM3 tool. The meta-modeling is used to define an envi- ronment for activity diagrams while the graph gram- mars are used to automate the translation and the analysis feedback. We saw in the last example the deadlock property, some other properties need more advanced feedback mechanisms to be understandable such as counter-examples. In future work, we plan to enable such mechanism by interpreting feedback anal- ysis using Sequence Diagrams depicted in AToM3. In addition, we intend formalizing and integrating in our
Figure 10: The generated pi-calculus code
Figure 11: The analysis feedback on the diagram framework other notational elements such as expan- sion region and interruptible activity region. We plan also to apply our approach to a wider range of real- world critical systems in order to experiment its per- formance.
References
[OMG17] Object Management Group (OMG). Unified Modeling Language (UML), Superstructure, v2.5, http://www.omg.org/, 2017.
[VM94] B. Victor, F. Moller. The Mobility Work- bench -A Tool for the pi-calculus. In: Dill, D. (ed.) CAV 1994. LNCS, vol. 818, pp. 428- 440. Springer, Heidelberg, 1994.
[Roz97] G.Rozenberg. Handbook of Graph Gram- mars and Comp (Vol. 1). World scientific.
doi:10.1142/3303, 1997.
[Mil99] R. Milner. Communicating and Mobile Sys- tems: The pi-calculus.Cambridge University Press, 1999.
[OMG04] Object Management Group (OMG), Model Driven Architecture (MDA), http://www.omg.org/mda , 2004.
[ATo02] AToM3 home page, (online) available at:
http://atom3.cs.mcgill.ca/, 2002.
[BCR00] E. Borger, A. Cavarra, and E. Riccobene. An ASM Semantics for UML Activity Diagrams.
8th International Conference, AMAST 2000, volume 1816 of LNCS, pages 293–308.
Springer-Verlag, 2000.
[Rod00] R. W. S. Rodrigues. Formalising UML Ac- tivity Diagrams using Finite State Processes, UML2000 workshop.2000.
[BD00a] C. Bolton and J. Davies. On giving a behav- ioral semantics to activity graphs, in UML 2000 Workshop Dynamic Behavior in UML Models: Semantic Questions, 2000.
[BD00b] C. Bolton and J. Davies, Activity graphs and processes, in 2nd Int. Conf. Integrated For- mal Methods, LNCS 1945, 2000, pp. 77-96.
[EW02] R. Eshuis and R. Wieringa. Verification sup- port for workow design with UML activity graphs, in 22nd Int. Conf. on Software Engi- neering, ACM Press, 2002, pp. 166-176.
[Esh06] R. Eshuis. Symbolic model checking of UML activity diagrams, ACM Trans. Software En- gineering and Methodology 15(1), 2006.
[SH05] H. Storrle and J. H. Hausmann. Towards a formal semantics of UML 2.0 activities, in German Software Engineering Conf. 2005, 2005.
[Sto04a] H. Storrle. Semantics of Control-Flow in UML 2.0 activities, in 2004 IEEE Symp. Vi- sual Languages and Human Centric Comput- ing, IEEE Computer Society, pp. 235-242, 2004.
[Sto05] H. Storrle. Semantics and verification of data flow in UML 2.0 activities, Electronic Notes in Theoretical Computer Science 127,35-52, 2005.
[Sto04b] H. Storrle. Structured nodes in UML 2.0 ac- tivities, Nordic Journal of Computing 11(3) (2004) 279-302.
[BG03] J. P. Barros and L. Gomes. Actions as activi- ties and activities as Petri nets, in Workshop on Critical Systems Development with UML, 2003.
[Lam08] V.S.W. Lam. On pi-calculus semantics as a formal basis for UML activity diagrams. In- ternational Journal of Software Engineering and Knowledge Engineering 18(4), 541-567, 2008.
[YZ04] D. Yang, S.S. Zhang. Using pi-calculus to for- malize UML activity diagrams. In: 10th Int.
Conf. and Workshop on the Engineering of Computer-based Systems, pp. 47-54. IEEE Computer Society, 2004.
[GD03] E. Guerra and J. DeLara. A Framework for the Verification of UML Models. Examples using Petri Nets. In JISBD’03. Alicante,2003.
[Ker+10] E. Kerkouche, A. Chaoui, E. Bourennane, O. Labbani. A UML and Colored Petri Nets Integrated Modeling and Analysis Approach using Graph Transformation. In Journal of Object Technology, vol. 9, no. 4, 2010, pages 25-43.
[CEC12] W. Chama, R. Elmansouri, A. Chaoui.
Model Checking and Code Generation for UML Diagrams using Graph Transforma- tion. International Journal of Software En- gineering and Applications (IJSEA), Vol.3, No.6, November, 2012.
[Bel+14] A. Belghiat, A. Chaoui, M. Maouche, M.
Beldjehem. Formalization of Mobile UML Statechart Diagrams using the pi-calculus:
An Approach for Modeling and Analysis. In G. Dregvaite and R. Damasevicius (Eds.):
ICIST, CCIS 465, pp. 236247. Springer, 2014.
[BC16] A. Belghiat, A. Chaoui. Mapping Mobile Statechart Diagrams to the Pi-Calculus us- ing Graph Transformation: An Approach for Modeling, Simulation and Verification of Mobile Agent-based Software Systems. Inter- national Journal of Intelligent Information Technologies (IJIIT) 12(4), 2016.
[BCB16] A. Belghiat, A. Chaoui, and M. Beldje- hem.Capturing and Verifying Dynamic Sys- tems Behavior Using UML and Pi-Calculus.
In Theoretical Information Reuse and Inte- gration (pp. 59-84). Springer, 2016.
